Hello,
I currently have an instance of Confluence Server running on my VPS and I'm trying to get it running over HTTPS, but I'm having a few issues.
Is it possible to use Lets Encrypt with Confluence Server?
The SSL's are not password protected, and I don't think they store .keystore files, or at least none that I can find on my server.
I can access cPanel and WHM over HTTPS on the same domain so I know the domain has an SSL issued, I just can't get it working with Confluence. I've changed the server.xml file and changed the base URL, but https and port 8443 just brings up a "cannot connect" error in the browser. I could be doing something completely wrong though.
Has anyone achieved this? Any help would be greatly appreciated!
Thanks!
Hello @Amit Dhaka,
there is a good explanation provided here to automate Lets Encrypt certificate renewal for Tomcat.
However, this is quite complicated and if it's possible I would rather suggest that you use a Proxy server like Apache to achieve this.
With certbot it will be very easy, you'll only need to create a vhost file like this:
<VirtualHost *:80>
ServerName confluence.mycompany.com
DocumentRoot /var/www/
ProxyPreserveHost On
ProxyPass /.well-known !
ProxyPass / http://10.0.0.1:8090/
ProxyPassReverse / http://10.0.0.1:8090/
</VirtualHost>
and then use the certbot command to perform the SSL configuration (it will automatically add certificates and HTTPS to your vhost):
certbot --authenticator webroot --installer apache
If it works fine, you'll need to add a cron job with the "certot renew" command and that's it.
You'll find more info on how to install certbot on your server here.
On your confluence instance, you'll only need to add 3 parameters to your conf/server.xml file, int the connector block:
Let me know if this helps,
--Alexis
Hi folks
I was curious if anyone got this to work?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
my Debian 9 Confluence server runs with a Letsencrypt certificate and Apache. I was using other instructions when I configured it.
Here's what I used:
3. https://certbot.eff.org/lets-encrypt/debianstretch-apache
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.